diff options
Diffstat (limited to 'testing/web-platform/tests/fenced-frame/disallowed-navigations.https.html')
-rw-r--r-- | testing/web-platform/tests/fenced-frame/disallowed-navigations.https.html | 118 |
1 files changed, 118 insertions, 0 deletions
diff --git a/testing/web-platform/tests/fenced-frame/disallowed-navigations.https.html b/testing/web-platform/tests/fenced-frame/disallowed-navigations.https.html new file mode 100644 index 0000000000..5cde50d420 --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/disallowed-navigations.https.html @@ -0,0 +1,118 @@ +<!DOCTYPE html> +<title>Fenced frame disallowed navigations</title> +<meta name="timeout" content="long"> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="/common/utils.js"></script> +<script src="resources/utils.js"></script> +<script src="/fetch/local-network-access/resources/support.sub.js"></script> + +<body> + +<script> +// Baseline tests: +// - Embedder can navigate iframe to blob: URL +// - Embedder can navigate iframe to data: URL +// - Same-origin embedder can navigate iframe to javascript: URL +// - Embedder can navigate iframe to http: URL +// Fenced frame tests: +// - Embedder cannot navigate fenced frame to blob: URL +// - Embedder cannot navigate fenced frame to data: URL +// - Same-origin embedder cannot navigate fenced frame to +// javascript: URL +// - Embedder cannot navigate fenced frame to http: URL + +// Fenced frames are always put in the public IP address space which is the +// least privileged. In case a navigation to a local data: URL or blob: URL +// resource is allowed, they would only be able to fetch things that are *also* +// in the public IP address space. So for the document described by these local +// URLs, we'll set them up to only communicate back to the outer page via +// resources obtained in the public address space. +const kPublicUtils = resolveUrl("resources/utils.js", Server.HTTPS_PUBLIC); + +// These are just baseline tests asserting that this test's machinery to load +// blob:, data:, and javascript: URLs work properly in contexts where they are +// expected to. +promise_test(async () => { + const key = token(); + attachIFrame(`data:text/html, ${createLocalSource(key, kPublicUtils)}`); + const result = await nextValueFromServer(key); + assert_equals(result, "LOADED"); +}, "iframe data: URL"); + +promise_test(async () => { + const key = token(); + const blobURL = URL.createObjectURL( + new Blob([`${createLocalSource(key, kPublicUtils)}`], + {type: 'text/html'})); + attachIFrame(blobURL); + const result = await nextValueFromServer(key); + assert_equals(result, "LOADED"); +}, "iframe blob: URL"); + +promise_test(async () => { + const iframe = attachIFrameContext(); + iframe.src = "javascript:window.jsURLExecuted = true;" + await iframe.execute(async () => { + assert_equals(window.jsURLExecuted, true); + }); +}, "iframe javascript: URL"); + +// The following tests ensure that an embedder cannot navigate a fenced frame +// to: +// - data: URLs +// - blob: URLs +// - javascript: URLs +// - http: URLs +function getTimeoutPromise(t) { + return new Promise(resolve => + t.step_timeout(() => resolve("NOT LOADED"), 2000)); +} + +promise_test(async t => { + const key = token(); + attachFencedFrame(`data:text/html, ${createLocalSource(key, kPublicUtils)}`); + const loaded_promise = nextValueFromServer(key); + const result = await Promise.any([loaded_promise, getTimeoutPromise(t)]); + assert_equals(result, "NOT LOADED"); +}, `fenced frame data: URL`); + +promise_test(async t => { + const key = token(); + const blobURL = URL.createObjectURL( + new Blob([`${createLocalSource(key, kPublicUtils)}`], + {type: 'text/html'})); + attachFencedFrame(blobURL); + const loaded_promise = nextValueFromServer(key); + const result = await Promise.any([loaded_promise, getTimeoutPromise(t)]); + assert_equals(result, "NOT LOADED"); +}, `fenced frame blob: URL`); + +promise_test(async t => { + const fencedframe = attachFencedFrameContext(); + fencedframe.src = "javascript:window.jsURLExecuted = true;" + // Just in case the javascript URL executes asynchronously, let's wait for + // it. + await getTimeoutPromise(t); + await fencedframe.execute(async () => { + assert_equals(window.jsURLExecuted, undefined); + }); +}, `fenced frame javascript: URL`); + +promise_test(async t => { + const key = token(); + let http_url = new URL("resources/embeddee.html", + get_host_info().HTTP_ORIGIN + location.pathname); + http_url = generateURL(http_url, [key]); + assert_equals(http_url.protocol, "http:"); + const fencedframe = attachFencedFrame(http_url); + const loaded_promise = nextValueFromServer(key); + const result = await Promise.any([loaded_promise, getTimeoutPromise(t)]); + assert_equals(result, "NOT LOADED"); +}, `fenced frame http: URL`); + +</script> + +</body> |